← Back

Enterprise Linux High Availability Eus

enterprise_linux_high_availability_eus

Vendor: Redhat • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-2319
2Clusterlabs
Redhat
3Enterprise Linux High Availability
Enterprise Linux High Availability EusPcs
Jan 22, 2025
May 17, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was prev...Show more
It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. The CVE-2023-2319 was assigned to that Red Hat specific security regression in Red Hat Enterprise Linux 9.2.Show less
CVE-2015-1848
2Fedora
Redhat
5Enterprise Linux High Availability
Enterprise Linux High Availability EusEnterprise Linux Resilient Storage+2 more
May 6, 2026
May 14, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an...Show more
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2015-3983 is for the issue with not setting the HTTPOnly flag.Show less